Unified limits API doesn't expose model information

Bug #1765193 reported by Lance Bragstad on 2018-04-18
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)

Bug Description

One of the primary advantages of the unified limit concept in keystone was that keystone would expose the limit model via the API so that other services could reason about it during enforcement with oslo.limit.

This was documented in the Queens specification [0], but the implementation never included it. This wasn't a real big deal because the only enforcement model supported currently is flat. We should add this API before we mark the unified limit API as stable or before we add any more enforcement models to keystone.

[0] http://specs.openstack.org/openstack/keystone-specs/specs/keystone/queens/limits-api.html#flat-hierarchy-enforcement

Changed in keystone:
importance: Undecided → Medium
status: New → Confirmed
status: Confirmed → Triaged
tags: added: limits
wangxiyuan (wangxiyuan) wrote :

yeah, this API is mentioned in the spec:

I can start coding once it's merged.

Lance Bragstad (lbragstad) wrote :

No problem - I have a couple patches up for review that start the implementation [0].

[0] https://review.openstack.org/#/q/status:open+project:openstack/keystone+branch:master+topic:bug/1765193

Related fix proposed to branch: master
Review: https://review.openstack.org/562714

Related fix proposed to branch: master
Review: https://review.openstack.org/562715

Changed in keystone:
assignee: nobody → Lance Bragstad (lbragstad)
status: Triaged → In Progress

Reviewed: https://review.openstack.org/562713
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=b8e8a8b55071f13be89d282c36e949b9f306e5e0
Submitter: Zuul
Branch: master

commit b8e8a8b55071f13be89d282c36e949b9f306e5e0
Author: Lance Bragstad <email address hidden>
Date: Thu Apr 19 15:13:47 2018 +0000

    Add configuration option for enforcement models

    We eventually want deployers to be able to choose which enforcement
    model they want for their deployment. This commit adds a new
    configuration options that exposes the enforcement model via config.

    This will dictate how project limits are validated.

    Change-Id: Ied398b92fef09f3a446960b0757c68a21ba50ed6
    Related-Bug: 1765193

Changed in keystone:
assignee: Lance Bragstad (lbragstad) → wangxiyuan (wangxiyuan)
Changed in keystone:
assignee: wangxiyuan (wangxiyuan) → Lance Bragstad (lbragstad)
Changed in keystone:
assignee: Lance Bragstad (lbragstad) → wangxiyuan (wangxiyuan)

Reviewed: https://review.openstack.org/562714
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=0022adb6ae44a8d0a471d22dcd1bf2b95ee88490
Submitter: Zuul
Branch: master

commit 0022adb6ae44a8d0a471d22dcd1bf2b95ee88490
Author: Lance Bragstad <email address hidden>
Date: Thu Apr 19 15:17:04 2018 +0000

    Add policy for limit model protection

    We plan to expose the enforcement model a deployment is using via
    the limit API. This commit prepares for that implementation by
    introducing the policy for it.

    Change-Id: I03c9cec3646ee354ebcdd4ddc1168e00d611171b
    Related-Bug: 1765193

Reviewed: https://review.openstack.org/562715
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=fd4b7371338d9a7d5487254ada3303eef7796d62
Submitter: Zuul
Branch: master

commit fd4b7371338d9a7d5487254ada3303eef7796d62
Author: Lance Bragstad <email address hidden>
Date: Thu Apr 19 15:22:50 2018 +0000

    Implement enforcement model logic in Manager

    This commit adds the necessary bits to return the enforcement model
    used by a deployment in the limit Manager. A subsequent patch will
    expose this functionality via the API.

    This commit also starts introdcuing the concept of enforcement
    models and puts the flat model into its own module. This will make
    more sense and be easier to maintain as we implement more models.

    Change-Id: I32227eb0023e6b6ce699909fabb60a63a07f0969
    Related-Bug: 1765193
    Related-Bug: 1768572

Reviewed: https://review.openstack.org/562716
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=5a52e5aab71cec3840a79616914af5ece8c0af49
Submitter: Zuul
Branch: master

commit 5a52e5aab71cec3840a79616914af5ece8c0af49
Author: Lance Bragstad <email address hidden>
Date: Thu Apr 19 15:33:56 2018 +0000

    Expose endpoint to return enforcement model

    This commit wires up the last couple pieces of code to expose
    a deployment's enforcement model information via the API. This
    is going to be consumed by other services to make decisions about
    quota calculation.

    Change-Id: I02431d58b50aab2a2da8ca5f90938472aad7a935
    Closes-Bug: 1765193

Changed in keystone:
status: In Progress → Fix Released

This issue was fixed in the openstack/keystone release candidate.

Changed in keystone:
milestone: none → rocky-3
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers